General
Target: 125c286ae99f2dda8188dafd5ba3ddd093c6c8f8f11a64c0e7b642fc85c7ee6f
Size: 176KB
Sample: 220212-f9fh8sgee3
MD5: 60b6116568bbd2533157dc5a98bcccdc
SHA1: 57a67cf4785b958594b88138144cf68c0b01d827
SHA256: 125c286ae99f2dda8188dafd5ba3ddd093c6c8f8f11a64c0e7b642fc85c7ee6f
SHA512: b9ebbc6a02f3af0f1a9c7e7f2aced50d5e7c80b639a16f5a39fa90ff7657506df67c1950601425f47359cf7684365722136348dceb05129a250a0860172de00c
Static task: static1
Behavioral task: behavioral1
Sample: 125c286ae99f2dda8188dafd5ba3ddd093c6c8f8f11a64c0e7b642fc85c7ee6f.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 125c286ae99f2dda8188dafd5ba3ddd093c6c8f8f11a64c0e7b642fc85c7ee6f.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 125c286ae99f2dda8188dafd5ba3ddd093c6c8f8f11a64c0e7b642fc85c7ee6f
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application